File(s) under permanent embargo
Fuzzy logic application to link national culture and cybersecurity maturity
conference contributionposted on 2019-01-01, 00:00 authored by Jay JeongJay Jeong, Marthie Grobler, M A P Chamikara, Carsten Rudolph
National culture and cybersecurity maturity both play defining roles in the identity and security of a nation. This study examines the relationship that these two constructs play in determining whether certain cultural dimensions of a nation leads to riskier cybersecurity behaviours. By examining Hofstede’s six cultural dimensions and the influence that these dimensions have on the strength of real world username/password combinations, we develop a research model based on fuzzy logic to predict the level of influence that national culture has on a country’s Cybersecurity Maturity Level (CML), based on the confirmed affirmation of the relationship between national culture and cybersecurity maturity. The generation of the fuzzy model involves three semantic steps: (1) conducting statistical correlation analyses based on the datasets related to 65 countries, (2) synthesizing a fuzzy model based on the derived knowledge, and (3) evaluating the fuzzy model based on public domain cybersecurity maturity data of three countries. Our statistical analyses reveal a strong correlation between the cultural dimensions of power distance (PDI), long term orientation (LTO) and individualism (IDV) with login strength, implicating that these dimensions also strongly impact cybersecurity maturity. Consequently, the proposed fuzzy model takes PDI, LTO, and IDV as the inputs to derive a quantitative value to the Global Cybersecurity Index (GCI) related to a particular country. Hence, the novelty of this research lies in its interdisciplinary approach of creating and validating a model that can be used to determine the influence that national culture has on the CML. Furthermore, this study suggests that national culture must be factored in when determining cybersecurity policy and frameworks which govern individuals within a nation’s cybersecurity maturity development.